3. Back up your files

Whether you’re taking your laptop on holiday, or staying at home with your faithful desktop this festive season, don’t forget to back up your precious documents on all of your devices.

That way if your files are lost, stolen, “reconfigured” by a teenaged “expert”, or, worst of all, held for extortion by ransomware, you can still get your data back.

FREE GUIDE: How to stay protected against ransomware ►

4. Watch out for booby-trapped ATMs when out shopping

Watch out for modified ATMs when you withdraw money. Crooks often glue fake parts onto or around ATMs in the hope of covertly reading both your card data and your PIN.

If you see an ATM with any components that look as though they don’t belong, report it to the bank and the police. That way you protect yourself and everyone else too.

REAL-WORLD SECURITY: Grab hold of the ATM and give it a wiggle (really!) ►

5. Beware of login links in emails

When an email urges you to click on a link to login to your account and change your password, or something similar, it’s probably crooks trying to phish you onto a fake site that will look exactly like the real thing, except that the crooks get your password, not the real website.

If you want to check a transaction on one of your accounts, open your browser and browse to the website yourself.

REAL-WORLD CRIME: Anatomy of an iTunes phish ►

6. Look for the padlock in the URL bar when shopping online

A padlock in the address bar and a URL that starts with “HTTPS” means the website uses an encrypted or secure connection.

All major websites, not just financial institutions, use HTTPS these days, so if you see a site that’s asking for personal information but doesn’t have the padlock, you can be sure it’s a fake.

REAL-WORLD SECURITY: How your browser padlock works ►

7. Watch out for bogus courier emails

At Christmas time, you may very well get products delivered to your home, so you’ll be expecting a visit from a courier company. Crooks know this and send fake emails about bogus delivery problems, hoping to draw you into their web.

If you want to contact a courier company to check on a delivery, look up their phone number or email address yourself – don’t use any links or information from an email.

8. Don’t email your credit card details

Sometimes you’ll try to buy that special gift for Christmas, but your credit card won’t go through. In perfectly good faith, the seller may ask you to email through your card details to try again later.

But that email could end up in the hands of cybercrooks, even if the seller handles it with care once they’ve received it. Remember: if in doubt, don’t give it out!

REAL-WORLD CRIME: How card data gets bought and sold ►

9. Turn off Flash on your devices

Want to do one single, simple thing to improve your security, now and forever? Turn off Flash, or uninstall it altogether if you can.

Booby-trapped Flash files are still a popular way of spreading malware, and with fewer and fewer sites actually requiring Flash, it’s safer to do without it altogether.

LEARN MORE: See why crooks love Flash, and learn how to turn it off ►

10. Change default passwords before using new home video devices

Whether it’s a new baby monitor, home surveillance system, or any other internet-enabled camera, it probably has a default password.

If you don’t change the password then you are making it easy for a cybercriminal to hack in and watch whatever you’re filming. That could be you, your house, your baby, or something else that you’d prefer to keep away from prying eyes.

REAL-WORLD SECURITY: Why the FBI director puts tape over his webcam ►

11. Think before you share on social media

Maybe it sounds obvious, but oversharing on social media is a bad idea, and there is no better time to remind you of this than the party season.

Whether it’s photos of other people, your credit card details, the fact that you’re HOLDING A REALLY AMAZING PARTY ON FRIDAY NIGHT or anything else, stop and think before you share. Once you post it, you’ll never be able to take it back.

12. Upgrade the software on new devices before using them

Even “new” computers and hardware devices usually need updates right away. After all, between when they were made and when you first use them, the crooks have had time to find new security holes to attack.

If you want to protect your new devices, always patch before using them, even if it’s Christmas Day and you’re dying to try out your brand new present.

REAL-WORLD SECURITY: The Netgear router bug that needs patching ►

13. Free bonus tip!

Finally, make sure your computers at home are secure. Sophos Home is free and allows you to protect up to 10 Windows and Mac computers from malware, ransomware, phishing and more.

You can have different settings for adults and kids, and the web filter lets you block ads. It’s an easy-to-use solution that takes minutes to download and get started.

Post navigation

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too.
Follow him on Twitter: @duckblog

6 comments on “Our 12 tips for staying safe online this Christmas”

Funny, I must reading NS too much. Last week my boss asked me to create a podcast for security tips for staff and customers. I got 11 out of the 13, missed: https and emailing credit card etc. numbers. (Although I can’t imagine why anyone would send personal information on what amounts to an electronic postcard.) I’ll add them today. Thanks Paul, have a good holiday.

Paul, I really love and enjoy reading posts on naked security from you , I like your in-depth descriptions on computer security and end users. its fun to read. Thanks for the good work you are putting forward to the end user community, though many really never take it serious like we who know the crazy behind the wires. what more can be done , not sure but just saying out the same thing over and over and over ….hoping they understanding .